Category: Cyber-crime

September 25, 2023

Check Point researchers warn of a new variant of a banking trojan, called BBTok, that is targeting users of over 40 banks in Latin America. The new malware campaign relies on new infection chains and employs a unique combination of […]

September 21, 2023

Days after a miscreant boasted leaking a 3GB-plus database from TransUnion containing financial information on 58,505 people, the credit-checking agency has claimed the info was actually swiped from a third party. On Sunday, a thief using the handle USDoD shared […]

September 20, 2023

The International Criminal Court said crooks breached its IT systems last week, and that attack isn’t over yet, with the ICC saying the “cybersecurity incident” is still ongoing. In a statement shared via the site formerly known as Twitter, the […]

September 15, 2023

The International Joint Commission, a body that manages water rights along the US-Canada border, has confirmed its IT security was targeted, after a ransomware gang claimed it stole 80GB of data from the organization. “The International Joint Commission has experienced […]

September 15, 2023

The UK’s Greater Manchester Police (GMP) has admitted that crooks have got their mitts on some of its data after a third-party supplier responsible for ID badges was attacked. According to the Manchester Evening News the stolen data included the […]

September 6, 2023

A previously undocumented “phishing empire” has been linked to cyber attacks aimed at compromising Microsoft 365 business email accounts over the past six years. “The threat actor created a hidden underground market, named W3LL Store, that served a closed community […]

September 5, 2023

Meta has disclosed that it disrupted two of the largest known covert influence operations in the world from China and Russia, blocking thousands of accounts and pages across its platform. “It targeted more than 50 apps, including Facebook, Instagram, X […]

September 1, 2023

A new phishing attack likely targeting civil society groups in South Korea has led to the discovery of a novel remote access trojan called SuperBear. The intrusion singled out an unnamed activist, who was contacted in late August 2023 and […]

August 31, 2023

ESET researchers have identified two active campaigns targeting Android users, where the threat actors behind the tools for Telegram and Signal are attributed to the China-aligned APT group GREF. Most likely active since July 2020 and since July 2022, respectively […]

August 31, 2023

Cybercriminals are mining the capabilities of an open source infostealer called “SapphireStealer,” developing a legion of variants that are helping to democratize the cybercrime landscape when it comes to carrying out data-theft attacks. Ever since a Russian-language hacker named Roman […]

August 29, 2023

A suspected Chinese-nexus hacking group exploited a recently disclosed zero-day flaw in Barracuda Networks Email Security Gateway (ESG) appliances to breach government, military, defense and aerospace, high-tech industry, and telecom sectors as part of a global espionage campaign. Mandiant, which […]

August 25, 2023

A nation-state activity group originating from China has been linked to cyber attacks on dozens of organizations in Taiwan as part of a suspected espionage campaign. The Microsoft Threat Intelligence team is tracking the activity under the name Flax Typhoon, […]

August 24, 2023

A new financially motivated operation is leveraging a malicious Telegram bot to help threat actors scam their victims. Dubbed Telekopye, a portmanteau of Telegram and kopye (meaning “spear” in Russian), the toolkit functions as an automated means to create a […]

August 22, 2023

A previously undocumented threat cluster has been linked to a software supply chain attack targeting organizations primarily located in Hong Kong and other regions in Asia. The Symantec Threat Hunter Team, part of Broadcom, is tracking the activity under its […]

August 21, 2023

Threat actors are leveraging access to malware-infected Windows and macOS machines to deliver a proxy server application and use them as exit nodes to reroute proxy requests. According to AT&T Alien Labs, the unnamed company that offers the proxy service […]

August 21, 2023

The threat actors behind the HiatusRAT malware have returned from their hiatus with a new wave of reconnaissance and targeting activity aimed at Taiwan-based organizations and a U.S. military procurement system. Besides recompiling malware samples for different architectures, the artifacts […]

August 17, 2023

An ongoing campaign targeting ministries of foreign affairs of NATO-aligned countries points to the involvement of Russian threat actors. The phishing attacks feature PDF documents with diplomatic lures, some of which are disguised as coming from Germany, to deliver a […]

August 15, 2023

A “staggering” 120,000 computers infected by stealer malware have credentials associated with cybercrime forums, many of them belonging to malicious actors. The findings come from Hudson Rock, which analyzed data collected from computers compromised between 2018 to 2023. “Hackers around […]

August 14, 2023

Germany’s Federal Office for the Protection of the Constitution (BfV) has warned of cyber attacks targeting Iranian persons and organizations in the country since the end of 2022. “The cyber attacks were mainly directed against dissident organizations and individuals – […]

August 10, 2023

Threat actors are increasingly using a phishing-as-a-service (PhaaS) toolkit dubbed EvilProxy to pull off account takeover attacks aimed at high-ranking executives at prominent companies. According to Proofpoint, an ongoing hybrid campaign has leveraged the service to target thousands of Microsoft […]